Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:apple:mac_os_x:10.1.5
There are 3,211 matching records.
Displaying matches 2,821 through 2,840.
Vuln ID Summary CVSS Severity
CVE-2012-2858

Buffer overflow in the WebP decoder in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted WebP image.

Published: August 06, 2012; 11:55:01 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-2857

Use-after-free vulnerability in the Cascading Style Sheets (CSS) DOM implementation in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.

Published: August 06, 2012; 11:55:01 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-2856

The PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations.

Published: August 06, 2012; 11:55:01 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2012-2855

Use-after-free vulnerability in the PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.

Published: August 06, 2012; 11:55:01 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-2854

Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to obtain potentially sensitive information about pointer values by leveraging access to a WebUI renderer process.

Published: August 06, 2012; 11:55:01 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2012-2853

The webRequest API in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not properly interact with the Chrome Web Store, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site.

Published: August 06, 2012; 11:55:01 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-2852

The PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not properly handle object linkage, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted document.

Published: August 06, 2012; 11:55:01 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-2851

Multiple integer overflows in the PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document.

Published: August 06, 2012; 11:55:01 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-2850

Multiple unspecified vulnerabilities in the PDF functionality in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allow remote attackers to have an unknown impact via a crafted document.

Published: August 06, 2012; 11:55:01 AM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-2849

Off-by-one error in the GIF decoder in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image.

Published: August 06, 2012; 11:55:01 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2012-2848

The drag-and-drop implementation in Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, allows user-assisted remote attackers to bypass intended file access restrictions via a crafted web site.

Published: August 06, 2012; 11:55:01 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2012-2847

Google Chrome before 21.0.1180.57 on Mac OS X and Linux, and before 21.0.1180.60 on Windows and Chrome Frame, does not request user confirmation before continuing a large series of downloads, which allows user-assisted remote attackers to cause a denial of service (resource consumption) via a crafted web site.

Published: August 06, 2012; 11:55:01 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2012-1148

Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.

Published: July 03, 2012; 3:55:02 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2012-2827

Use-after-free vulnerability in the UI in Google Chrome before 20.0.1132.43 on Mac OS X allows attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.

Published: June 27, 2012; 6:18:39 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2012-2493

The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 on Windows, and 2.x before 2.5 MR6 and 3.x before 3.0 MR8 on Mac OS X and Linux, does not properly validate binaries that are received by the downloader process, which allows remote attackers to execute arbitrary code via vectors involving (1) ActiveX or (2) Java components, aka Bug ID CSCtw47523.

Published: June 20, 2012; 4:55:02 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2012-3559

Unspecified vulnerability in Opera before 12.00 on Mac OS X has unknown impact and attack vectors, related to a "moderate severity issue."

Published: June 14, 2012; 3:55:01 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2012-0675

Time Machine in Apple Mac OS X before 10.7.4 does not require continued use of SRP-based authentication after this authentication method is first used, which allows remote attackers to read Time Capsule credentials by spoofing the backup volume.

Published: May 10, 2012; 11:49:59 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2012-0662

Integer overflow in the Security Framework in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted input.

Published: May 10, 2012; 11:49:59 PM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2012-0660

Buffer underflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file.

Published: May 10, 2012; 11:49:59 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM
CVE-2012-0659

Integer overflow in QuickTime in Apple Mac OS X before 10.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG file.

Published: May 10, 2012; 11:49:59 PM -0400
V3.x:(not available)
V2.0: 6.8 MEDIUM